Launchpad CVE tracker

CVE 2009-4112

Cacti 0.8.7e and earlier allows remote authenticated administrators to gain privileges by modifying the "Data Input Method" for the "Linux - Get Memory Usage" setting to contain arbitrary commands.

Related bugs and status

CVE-2009-4112 (Candidate) is related to these bugs:

Bug #599892: [Security] cacti - CVE-2009-4032, CVE-2010-1431, and CVE-2010-2092

		In	Importance	Status
599892	[Security] cacti - CVE-2009-4032, CVE-2010-1431, and CVE-2010-2092	cacti (Ubuntu)	Medium	Invalid
599892	[Security] cacti - CVE-2009-4032, CVE-2010-1431, and CVE-2010-2092	cacti (Ubuntu Hardy)	Undecided	Won't Fix
599892	[Security] cacti - CVE-2009-4032, CVE-2010-1431, and CVE-2010-2092	cacti (Ubuntu Jaunty)	Undecided	Won't Fix
599892	[Security] cacti - CVE-2009-4032, CVE-2010-1431, and CVE-2010-2092	cacti (Ubuntu Lucid)	Undecided	Fix Released
599892	[Security] cacti - CVE-2009-4032, CVE-2010-1431, and CVE-2010-2092	cacti (Ubuntu Karmic)	Undecided	Won't Fix
599892	[Security] cacti - CVE-2009-4032, CVE-2010-1431, and CVE-2010-2092	cacti (Ubuntu Maverick)	Medium	Invalid

See the

CVE page on Mitre.org for more details.

Launchpad.net

CVE 2009-4112

References